Skip to content

Commit 0b6f353

Browse files
jdomeracki-coderjdomeracki-coder
authored
chore: override version of DOMPurify (coder#19574)
The [DOMPurify](https://github.com/cure53/DOMPurify) version used by the latest version of [monaco-editor](https://github.com/microsoft/monaco-editor) contains [at least one known CVE](https://security.snyk.io/package/npm/dompurify/3.1.7) coder#19445 coder#19446 This PR aims to override the version to resolve security issues: https://www.npmjs.com/package/dompurify/v/3.2.6
1 parent cc308d1 commit 0b6f353

File tree

2 files changed

+3
-1
lines changed

2 files changed

+3
-1
lines changed

site/package.json

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -204,7 +204,8 @@
204204
"@babel/helpers": "7.26.10",
205205
"esbuild": "^0.25.0",
206206
"form-data": "4.0.4",
207-
"prismjs": "1.30.0"
207+
"prismjs": "1.30.0",
208+
"dompurify": "3.2.6"
208209
},
209210
"ignoredBuiltDependencies": [
210211
"storybook-addon-remix-react-router"

site/pnpm-lock.yaml

Lines changed: 1 addition & 0 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

0 commit comments

Comments
 (0)